OpenPMF Security Policy Automation and Management Platform stops security breaches and data leakage with powerful policy enforcement, and makes security policy manageable through automation.
OpenPMF is the “umbrella” platform for security policy management. It allows organizations to implement rich policies with consistency – organization-wide “in depth” across many technologies and layers. OpenPMF lets you do this in a way that is easy to implement, manage and audit. You can author and maintain powerful yet intuitive security policies across your IT landscape , including for example Attribute Based Access Control (ABAC) based on rich, customizable attributes such as location, time and context. OpenPMF automatically calculates the matching technical enforcement rules and configurations for you – automatically bridging the ‘semantic gap’ between human intuitive generic security policies and the detailed technical implementation. OpenPMF reduces risk/costs, improves security & compliance, and enables smarter business. OpenPMF supports modern security initiatives including Zero Trust Architecture (ZTA) and DevSecOps.
What problem does OpenPMF solve?
When securing your organization’s interconnected IT landscape…There are too many rules & configurations, and too many changes to do this manually. It’s unmanageable. The policy you wanted isn’t all that complex and long if you write it out in human-intuitive concepts and terms. The policy gets very simple if you capture it in generic concepts.OpenPMF lets you easily author such generic policies and many more advanced generic policies. OpenPMF automatically calculates the matching technical rules & configurations. Even better, such generic policies won’t need to be changed often, even if your IT landscape changes! OpenPMF simply re-calculates the technical updates for you! And OpenPMF even tests and documents policies for you automatically.
Features and Benefits
ObjectSecurity OpenPMF lets you easily author generic and advanced security policies. It enables you to maintain “one truth” of the undistorted, feature-rich, expressive policies. OpenPMF automatically calculates the matching technical rules & configurations for the underlying IT landscape, integrating either via OpenPMF’s own enforcement software agents, or via rapidly customizable exporters to configure third party products.
OpenPMF is powerful and scalable: such generic policies will not need to be changed often, even if your IT landscape changes. OpenPMF simply re-calculates the technical updates for you. Unlike competing technologies, OpenPMF makes advanced access policies both manageable and implementable. It integrates out of the box with numerous standards and technologies, and automates much of policy authoring and enforcement.
OpenPMF helps you implement and manage better access policies: you can robustly implement the necessary access control policies across your IT andscape based on rich, customizable attributes including location, time and context. OpenPMF makes access control mode effective, auditable and manageable across your interconnected IT landscape for all stakeholders. It reduces cost, and improves security and compliance. It also speeds up and simplifies security implementation, maintenance, and testing. It is often implemented as part of Zero Trust Architcture (ZTA), DevSecOps, and Identity & Access Management (IAM) initiatives, which all major enterprises and governments have
How does OpenPMF work?
OpenPMF’s policies are captured in generic terms , rather than in technical security rules. This way, OpenPMF policies typically do not have to change when the application landscape (e.g. web application interactions) changes. OpenPMF automatically generates the technical security enforcement rules from those models by automatically analyzing the applications with all their interactions, and inferring which rules are required to enforce the requirements defined in the models. OpenPMF (patent-pending) ensures policies are manageable even if IT landscapes are large and change dynamically. The result is a significant cost saving, esp. with respect to maintenance.
OpenPMF Security Policy Automation.
OpenPMF is the security policy automation “umbrella” that lets you manage “one truth of the policy” in generic, expressive, intuitive terms.
OpenPMF imports existing information that makes policy automation easier, using its customizable importers.
OpenPMF generates and enforces the matching low-level policies across your IT landscape via its own enforcement infrastructure and via customizable exporters into third party products.
OpenPMF monitors security, and generates compliance documentation automatically.
OpenPMF also lets you test policies before deployment.
OpenPMF is robust and scalable regardless of the complexity of your IT landscape today and what it evolves to tomorrow.